Salvato in:
Dettagli Bibliografici
Autori principali: Ouchebara, Dyna Soumhane, Dupont, Stéphane
Natura: Preprint
Pubblicazione: 2025
Soggetti:
Accesso online:https://arxiv.org/abs/2512.08493
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866911436292227072
author Ouchebara, Dyna Soumhane
Dupont, Stéphane
author_facet Ouchebara, Dyna Soumhane
Dupont, Stéphane
contents Vulnerability code-bases often suffer from severe imbalance, limiting the effectiveness of Deep Learning-based vulnerability classifiers. Data Augmentation could help solve this by mitigating the scarcity of under-represented vulnerability types. In this context, we investigate LLM-based augmentation for vulnerable functions, comparing controlled generation of new vulnerable samples with semantics-preserving refactoring of existing ones. Using Qwen2.5-Coder to produce augmented data and CodeBERT as a classifier on the SVEN dataset, we find that our approaches are indeed effective in enriching vulnerable code-bases through a simple process and with reasonable quality, and that a hybrid strategy best boosts vulnerability classifiers' performance. Code repository is available here : https://github.com/DynaSoumhaneOuchebara/LLM-based-code-augmentation-Generate-or-Refactor-
format Preprint
id arxiv_https___arxiv_org_abs_2512_08493
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle LLM-based Vulnerable Code Augmentation: Generate or Refactor?
Ouchebara, Dyna Soumhane
Dupont, Stéphane
Cryptography and Security
Artificial Intelligence
Vulnerability code-bases often suffer from severe imbalance, limiting the effectiveness of Deep Learning-based vulnerability classifiers. Data Augmentation could help solve this by mitigating the scarcity of under-represented vulnerability types. In this context, we investigate LLM-based augmentation for vulnerable functions, comparing controlled generation of new vulnerable samples with semantics-preserving refactoring of existing ones. Using Qwen2.5-Coder to produce augmented data and CodeBERT as a classifier on the SVEN dataset, we find that our approaches are indeed effective in enriching vulnerable code-bases through a simple process and with reasonable quality, and that a hybrid strategy best boosts vulnerability classifiers' performance. Code repository is available here : https://github.com/DynaSoumhaneOuchebara/LLM-based-code-augmentation-Generate-or-Refactor-
title LLM-based Vulnerable Code Augmentation: Generate or Refactor?
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2512.08493